My team is writing a Mac OS application that needs to call a shell script in an external directory.
The application works fine on Yosemite (10.10.3). However, if I run it on El Capitan (10.11.2), the application gets errors like this from the script:
/bin/bash: <path-to-script>: /bin/sh: bad interpreter: Operation not permitted
I can trigger this error on a simple script like this:
#!/bin/sh
echo "Hello World!"
I do not get an error if I run the scripts manually from the Terminal.
The application opens the script directory using a filechooser. I confirmed that the application can read other files from this directory.
Changing /bin/sh
to /bin/bash
or a copy of /bin/sh
on a different path gives the same error with the new interpreter path.
A coworker tested this issue on a El Capitan machine with System Integrity Protection disabled, but he got the same error.
I am installing the test application from a .pkg file. The entitlements are:
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.files.bookmarks.app-scope</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
Adding the com.apple.security.files.user-selected.executable
entitlement did not make a difference
If I try to run the .app that is generated in an intermediate step in the package build, I am able to run the script with no errors.
The question below describes a similar error. However, I checked both the application and the script, and I found that neither one had the com.apple.quarantine
attribute set.
Mac OS: /usr/bin/env: bad interpreter: Operation not permitted
https://apple.stackexchange.com/questions/49589/bash-applications-mvim-bin-sh-bad-interpreter-operation-not-permitted
--- UPDATE ----
We added two more in PKG entitlement list:
<key>com.apple.security.scripting-targets</key>
<true/>
<key>com.apple.security.temporary-exception.apple-events</key>
<true/>
We tried to run the simple .sh file by an AppleScript (.scpt) file (stored in application directory), we also confirmed that the .sh file nor the .scpt file has any extended attribute as well, but we still have that error.
Following shows ls -@Oel
commands on both AppleScript and shell script file respectively.
$ ls -@Oel TestMXMLCall.scpt
-rwxrwxrwx 1 root wheel - 2302 Jun 15 03:12 TestMXMLCall.scpt
$ ls -@Oel /usr/local/bin/mxmlc
-rwxr-xr-x 1 santanukarar staff - 2190 Jun 15 01:17 /usr/local/bin/mxmlc
try this:
$ ls -l@ whereverthescriptis
If it says it's got com.apple.quarantine, that's the problem. Run one of these on it, from least dangerous to most:
$ xattr -d com.apple.quarantine whereverthescriptis # delete that attr
$ xattr -c whereverthescriptis # delete ALL the attrs on file
$ xattr -c * # on every file in this dir
$ xattr -cr . # and all subdirectories
I hope this will help someone, because mine was a slightly unique solution of the above problem: I had someone else do the code for me, so when I got the code, it would not run with "Operation Not Permitted" status on both android and iOS.
It turns out that I have to go to the folder that contained the project, and take ownership of the folder. You can do this on a Mac by going to the folder containing the Flutter project, and clicking on "Get info" from the context menu. Then change your access rights to "read-only", then back to "write and read" in the last pane in the bottom.
Follow this by one of the advices above to remove the Apple quarantine attribute from the folder by going to Terminal, then use "cd" command to navigate to the folder containing your Flutter project, and typing the following command:
xattr -dr com.apple.quarantine [your flutter project directory name]
That's it! Now Android Studio, or your IDE of choice, will be able to run both iOS and Android versions from that folder.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With